3 matches found
CVE-2023-29527
CVE-2023-29527 affects XWiki Platform. A user lacking script/Programming rights could insert groovy script content into a profile or document via the wiki editor; saving the document would cause the server to execute that groovy code, enabling code execution. The issue is tied to XWiki’s handling...
CVE-2023-29527 Code injection from account through AWM view sheet in xwiki platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions a user without script or programming right may edit a user profile or any other document with the wiki editor and add groovy script content. Viewing the document after...
CVE-2023-29527 Code injection from account through AWM view sheet in xwiki platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions a user without script or programming right may edit a user profile or any other document with the wiki editor and add groovy script content. Viewing the document after...